what you don't know can hurt you
Showing 1 - 25 of 41 RSS Feed

Files Date: 2012-04-20

Kaseya 6.2.0.0 Cross Site Scripting
Posted Apr 20, 2012
Authored by Mark Lachniet | Site foofus.net

Kaseya version 6.2.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9b6299913957ab6d905e3764be038b98
HP Security Bulletin HPSBMU02764 SSRT100827 2
Posted Apr 20, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02764 SSRT100827 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, csrf
systems | linux, windows
advisories | CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192
MD5 | aff846af673c7b44d692485afd250089
MiPagina CMS Cross Site Scripting
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

MiPagina CMS suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3079764c650c9716bbd590e9d29698fd
Script-KS CMS 4.0.2 Cross Site Scripting / SQL Injection
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

Script-KS CMS version 4.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 66dbad96324d5b2f4d907e8c3eabf1e7
JA-Programacao CMS Cross Site Scripting / SQL Injection
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

JA-Programacao CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | b7a7c1230ac440b8eb9a2f4e9471e1ac
Trend Joinery SQL Injection
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

Trend Joinery suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7faa72efa411c6e917bb446e92f4bfa4
Waylu CMS Cross Site Scripting / SQL Injection
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

Waylu CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 38a0e4846522431f7f4355be34ee026d
Liferay JSON Request Control Takeover
Posted Apr 20, 2012
Authored by Jelmer Kuperus

Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use. Proof of concept code included. Version 6.1 ce is confirmed vulnerable.

tags | exploit, web, proof of concept
systems | linux
MD5 | 842f6b4765772a61cdc4b88e3ce9067f
Owncloud Account Overtake / File Upload Code Execution
Posted Apr 20, 2012
Authored by Lukas Kupczyk | Site metasploit.com

This Metasploit module exploits several vulnerabilities in Owncloud 3.0.1 and earlier in order to achieve code execution.

tags | exploit, vulnerability, code execution
MD5 | 6c75e0009dec7a2e5d562d7414c61d80
Ubuntu Security Notice USN-1400-5
Posted Apr 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1400-5 - USN-1400-1 fixed vulnerabilities in Firefox. Firefox 11 started using GSettings to access the system proxy settings. If there is a GSettings proxy settings schema, Firefox will consume it. The GSettings proxy settings schema that was shipped by default was unused by other applications and broke Firefox's ability to use system proxy settings. This update removes the unused schema. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0455, CVE-2012-0457, CVE-2012-0456, CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0462, CVE-2012-0464
MD5 | 6e76afb48105327ceba40585d932d58e
Debian Security Advisory 2455-1
Posted Apr 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2455-1 - Helmut Hummel of the typo3 security team discovered that typo3, a web content management system, is not properly sanitizing output of the exception handler. This allows an attacker to conduct cross-site scripting attacks if either third-party extensions are installed that do not sanitize this output on their own or in the presence of extensions using the extbase MVC framework which accept objects to controller actions.

tags | advisory, web, xss
systems | linux, debian
advisories | CVE-2012-2112
MD5 | 5f9d9d8e05c845911b4758c7c3903684
Debian Security Advisory 2454-1
Posted Apr 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2454-1 - Multiple vulnerabilities have been found in OpenSSL. Ivan Nestlerode discovered a weakness in the CMS and PKCS #7 implementations that could allow an attacker to decrypt data via a Million Message Attack (MMA). It was discovered that a NULL pointer could be dereferenced when parsing certain S/MIME messages, leading to denial of service. Tavis Ormandy, Google Security Team, discovered a vulnerability in the way DER-encoded ASN.1 data is parsed that can result in a heap overflow.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2012-0884, CVE-2012-1165, CVE-2012-2110
MD5 | b2f1f7c3eaeb890008741c9423318737
Vermont Web Design SQL Injection
Posted Apr 20, 2012
Authored by Th4 MasK

Vermont Web Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 62fb8a59915d9787803db883b9f40c31
Secunia Security Advisory 48927
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Download Manager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 20b857d3834cbf0fb32326f1a0680b99
Secunia Security Advisory 48904
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in ReadyDesk, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 79f1bdb7eacfc06717dc3fa9f018c35c
Secunia Security Advisory 48856
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - luks has discovered a vulnerability in ownCloud, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 01108686127e1efb93cb6518d587d287
Secunia Security Advisory 48857
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle BI Publisher, which can be exploited by malicious people to manipulate certain data.

tags | advisory
MD5 | 9c957a1a353d15c784db9b887d6e59dd
Secunia Security Advisory 48882
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise PeopleTools, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to disclose potentially sensitive information, manipulate certain data, and compromise a vulnerable system, and by malicious people to manipulate certain data.

tags | advisory, local, vulnerability
MD5 | c6bc0f762d69b6fef3368ba6733e338f
Secunia Security Advisory 48877
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Human Capital Management, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
MD5 | 12d0a368df471e4881029160b69782a2
Secunia Security Advisory 48858
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Identity Manager Connector for Database User Management, which can be exploited by malicious users to manipulate certain data.

tags | advisory
MD5 | c8dcd943c4dd9d8457b06931070ab192
Secunia Security Advisory 48826
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Oracle Grid Engine, which can be exploited by malicious, local users to gain escalated privileges and by malicious users to compromise a vulnerable system.

tags | advisory, local, vulnerability
MD5 | 26ae58d9111372c69668d68edea4cfd5
Gilbert Life SQL Injection
Posted Apr 20, 2012
Authored by Th4 MasK

Gilbert Life suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d535fb5351466be04e1b1c03980cd1d3
Park Road SQL Injection
Posted Apr 20, 2012
Authored by Th4 MasK

Park Road suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b6f1632253c9bb9c2f67a782d1bf4b78
OpenSSL Toolkit 1.0.1a
Posted Apr 20, 2012
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Overflow in asn1_d2i_read_bio has been addressed. Various other updates.
tags | encryption, protocol
systems | unix
advisories | CVE-2012-2110
MD5 | a0104320c0997cd33e18b8ea798609d1
OpenSSL ASN1 BIO Vulnerability
Posted Apr 20, 2012
Site openssl.org

A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio. Affected users should upgrade to OpenSSL 1.0.1a, 1.0.0i or 0.9.8v.

tags | advisory
advisories | CVE-2012-2110
MD5 | 1caf27fcbf861c8636948ecc774275d6
Page 1 of 2
Back12Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    19 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close